漏洞描述
Apache OFBiz存在XML外部实体注入漏洞,此漏洞是由于httpService接口对用户的请求验证不当导致的。
Apache OFBiz CVE-2018-8033 XML外部实体注入漏洞
PoC代码
暂无相关漏洞推荐
-
CVE-2018-8033: Apache OFBiz XXE POC
2025-09-01 | Apache OFBizXXE injection (file disclosure) exploit for Apache OFBiz 16.11.04 -
CVE-2020-9496: Apache OFBiz XML-RPC Java Deserialization POC
2025-09-01 | Apache OFBizXML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache O... -
CVE-2021-29200: Apache OFBiz < 17.12.07 - Arbitrary Code Execution POC
2025-09-01 | Apache OFBizApache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perfor... -
CVE-2018-1000600: Pre-auth Fully-responded SSRF POC
2025-09-01 | Pre-authA exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier... -
CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC
2025-09-01 | JenkinsA code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...